https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Security Central: Deloitte Hit by Cyber-attack, New Verizon Leak Discovered

  • Written by Allison Francis
  • October 20, 2017
This week’s Security Central takes a peek inside Deloitte’s cyber-attack, explores Verizon’s latest data leak, and takes a look at key findings from Nexusguard's cybersecurity threat report.

Deloitte, one of the world’s “big four” accountancy firms, announced on Monday that it was hit by a sophisticated cyber-attack. The hack, one that apparently went undetected for several months, compromised the confidential emails and plans of some of the company’s blue-chip clients.

The attack, which appeared to have targeted the firm’s U.S. operations, is thought to have been discovered in March and could have begun as early as October 2016. The Guardian was the first to report the story. So how did it happen? The hacker accessed the firm’s global email server through an “administrator’s account” that gave them unrestricted “access to all areas.” And it was all too easy – the account required only a single password and did not have two-step verification.

Deloitte said “very few” clients were impacted, and has solicited outside help to review its security. However small the scale may be here, there are glaring issues that mustn’t be ignored. Could this have been prevented? As in most cases, absolutely. Our experts weigh in.

Willis McDonald, Threat Research Manager at Core Security, shared his insights on the matter. “Deloitte provides a security consultancy service to enterprise and government clients, which include recommendations against having administrator accounts without multi-factor authentication,” said McDonald. “The fact that a Deloitte administrator account was accessible without multi-factor authentication is inexcusable. To make matters worse, it appears that no one at Deloitte noticed suspicious account activity for months.”

True, he has a point, but it begs the question – with Deloitte being perhaps one of the more cyber-savvy organizations, how did this happen? According to Gaurav Banga, Founder and CEO of Balbix, unfortunately, the myriad of different ways in which an enterprise may be breached is very large, and even a robust investment in traditional security technologies and incident response is not enough.

“Enterprises need to think proactively to really understand their attack surface of software and humans continuously and comprehensively – which parts are at greatest risk, what mitigations will work well, and where the security gaps are,” says Banga.

Further, static passwords simply cannot provide effective corporate protection anymore. It’s up to providers and enterprises to follow best practices in authenticating users, starting with a proactive approach to identifying suspicious logins. “Dynamic identity management solutions that can detect potential intrusions, require multi-factor authentication, and integrate with existing systems for managing user access can be much more effective than basic password protection,” says Rich Campagna, CEO, Bitglass. 

Our second story takes a look at our pals at Verizon. Apparently something is wrong with the plumbing over there, because the telecommunications giant has sprung another leak. It was announced last Friday that confidential and sensitive documents, including server logs and credentials for internal systems, were found on an unprotected Amazon Web Services (AWS) S3 storage server controlled by a Verizon Wireless customer. The discovery was made by security researchers at the Kromtech Security Research Center.

The server held several files, mostly scripts and server logs, and possibly usernames and passwords to internal systems. Other folders contained internal Verizon “confidential and proprietary materials” documents, detailed server and infrastructure maps, server IP addresses, global router hosts, and several scripts that could have allowed access to important parts of the system.

In the end, no customer data was involved, but that doesn’t mean Verizon is off the hook. The information could be extremely useful to attackers. To know the layout of the company’s systems is a prize many hackers would give their left arm for (well, perhaps not… typing malicious code would be too difficult with one hand). It’s unknown at this point if anyone else beyond the security researchers accessed the bucket.

“Given the high number of incidents involving exposed S3 buckets that we have seen in the past few months, it is baffling that every organization is not carefully looking into the configurations and exposure levels of their storage in the cloud,” Zohar Alon, co-founder and CEO of Dome9 shared in a statement. “Protecting data in the cloud from accidental exposure and theft is a business priority.”
 
Alon goes on to say that companies need to be held highly accountable for their lack of security on the public cloud. The public cloud needs a united front on security with regular configuration checks and balances – where public cloud providers, third party tools with advanced features, and a governing body all work together in order to ensure corporate and consumer data stays safe and out of the reach of hackers.

Our last story takes a look under the hood of the latest cybersecurity threat report from Nexusguard. The report, which measured more than 8,300 attacks, takes a deep dive into IoT and DNS-based attacks specifically. And guess what? These types of attacks are on the rise. Shocking.

Highlights from the data include:

  • UDP attacks (targeting DNS servers and amplifying volume through IP-connected devices) grew 15% in the last quarter, becoming the most popular type of attack.
  • Switzerland broke in to the Top 3 country sources of attacks as extortionist gangs became more active in Europe.
  • Three out of every four DDoS attacks used multiple vectors, often masking other other malicious behavior, such as executing remote codes or compromising personally identifiable information.

“UDP attacks can frequently act as smokescreens over other malicious behavior, such as efforts to execute remote codes, malware, or compromise personally identifiable information,” said Juniman Kasman, chief technology officer for Nexusguard. “Due to the speed with which UDP attacks can overwhelm DNS servers and hijack IoT devices, rapid detection and response is critical for overcoming these types of attacks. Organizations need to protect their DNS servers, and should consider using Anycast routing technology to avoid saturating individual attack targets.”

It has been awhile since we’ve seen these types of attacks make headlines, but make no mistake – the potential for them to occur is always there. Read the full “Q2 2017 Threat Report” for more details and insight.

The views expressed in this column do not necessarily reflect the views of Penton Media or The VAR Guy editorial staff.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Security Technologies

Related


  • Microsoft Teams Group Display and Mobile
    Microsoft, SAP Plan Teams Integration, Expand Cloud Migration Pact
    Native Teams integration is coming to SAP business apps this summer.
  • Distribution
    HPE Appoints Longtime HPE/HP Vet as Worldwide Distribution Head
    More than 80% of HPE's indirect business goes through distribution.
  • Hungry Businessman
    Acquisition-Hungry Sapphire Systems Powers Ahead with US Expansion
    The newly appointed GM shares plans for U.K. SI Sapphire Systems’ U.S. growth.
  • Woman Thumbs Up
    Industry Experts Laud Biden Proposal for Increased Federal Cybersecurity Spending
    The plan includes increasing Cyber Security and Information Security Agency (CISA) funding.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Cyberattacks: Threat Hunters Conquer Unpredictability with 3 Measures
  • Legal Experts: VMware's Lawsuit Against Nutanix's New CEO Lacks Weight
  • SolarWinds Hackers Hit Malwarebytes, But Impact Limited to Internal Email
  • Citrix to Acquire Wrike for $2.25 Billion, Expand SaaS Portfolio

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

The Rise in Remote Work Increases the Need for Patch Management

January 27, 2021

Partners Share Their 2021 Goals—and Plans for Achieving Them

January 26, 2021

The Importance of Being Security-Centric

January 22, 2021

Webinars

View all

Your Network Perimeter Has Changed

February 18, 2021

In Case of Emergency: The Importance of Proactive Critical Event Management

February 23, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

Product Brief: Kaseya VSA Integrated Workflows with BMS and IT Glue

January 26, 2021

Why Subscription Business Model

January 15, 2021

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Building an efficient and profitable #patchmanagement practice in 2021 @ConnectWise #cybersecurity #endpoint #MSP… twitter.com/i/web/status/1…

January 28, 2021
ChannelFutures

International effort takes down #Emotet botnet, but @Netenrich, @digitalshadows, @Vectra_AI say it will be back.… twitter.com/i/web/status/1…

January 28, 2021
ChannelFutures

.@Microsoft @Azure’s Tyler Bryson, new U.S. channel head, talks priorities at @GetNerdio’s #NerdioCon… twitter.com/i/web/status/1…

January 27, 2021
ChannelFutures

.@CryptoStopper hires @GetChanneled to build partner program, act as virtual channel chief. #ransomware… twitter.com/i/web/status/1…

January 27, 2021
ChannelFutures

MSSPs, check for this ‘novel’ social engineering threat from North Korea. #Google. dlvr.it/RrTS9J https://t.co/2mDcnNvkHz

January 27, 2021
ChannelFutures

.@keepersecurity report shows financial sector heavily targeted by #cybercriminals. dlvr.it/RrTBPz https://t.co/joTBNeb2MT

January 27, 2021
ChannelFutures

.@Trustwave unveils new global referral partner program. #cybersecurity dlvr.it/RrT9Td https://t.co/amXCw33UsF

January 27, 2021
ChannelFutures

Ecosystem security provider Cyberpion launches first #partnerprogram. dlvr.it/RrSnxK https://t.co/g7Po3jq8iw

January 27, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X